artem-hatchenko · October 21, 2025 11:16
diff --git a/eks_fluent_bit_iam.tf b/eks_fluent_bit_iam.tf
 # Get list of buckets without duplicates for IAM policy
 locals {
  log_s3_buckets = toset([for o in var.log_s3_outputs : o.bucket])
 }

 data "aws_iam_policy_document" "s3-logging" {
  dynamic "statement" {
    for_each = local.log_s3_buckets

    content {
      effect = "Allow"

      actions = [
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:AbortMultipartUpload",
        "s3:ListBucket",
        "s3:GetBucketLocation"
      ]

      resources = [
        "arn:aws:s3:::${statement.value}",
        "arn:aws:s3:::${statement.value}/*"
      ]
    }
  }
 }
	# Get list of buckets without duplicates for IAM policy
	locals {
	log_s3_buckets = toset([for o in var.log_s3_outputs : o.bucket])
	}

	data "aws_iam_policy_document" "s3-logging" {
	dynamic "statement" {
	for_each = local.log_s3_buckets

	content {
	effect = "Allow"

	actions = [
	"s3:PutObject",
	"s3:PutObjectAcl",
	"s3:AbortMultipartUpload",
	"s3:ListBucket",
	"s3:GetBucketLocation"
	]

	resources = [
	"arn:aws:s3:::${statement.value}",
	"arn:aws:s3:::${statement.value}/*"
	]
	}
	}
	}
No results found